1 /* 2 RFCOMM implementation for Linux Bluetooth stack (BlueZ). 3 Copyright (C) 2002 Maxim Krasnyansky <maxk@qualcomm.com> 4 Copyright (C) 2002 Marcel Holtmann <marcel@holtmann.org> 5 6 This program is free software; you can redistribute it and/or modify 7 it under the terms of the GNU General Public License version 2 as 8 published by the Free Software Foundation; 9 10 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 11 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 12 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 13 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 14 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 15 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 16 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 17 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 18 19 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 20 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 21 SOFTWARE IS DISCLAIMED. 22 */ 23 24 /* 25 RPN support - Dirk Husemann <hud@zurich.ibm.com> 26 */ 27 28 /* 29 * Bluetooth RFCOMM core. 30 * 31 * $Id: core.c,v 1.42 2002/10/01 23:26:25 maxk Exp $ 32 */ 33 34 #include <linux/config.h> 35 #include <linux/module.h> 36 #include <linux/errno.h> 37 #include <linux/kernel.h> 38 #include <linux/sched.h> 39 #include <linux/signal.h> 40 #include <linux/init.h> 41 #include <linux/wait.h> 42 #include <linux/net.h> 43 #include <linux/proc_fs.h> 44 #include <linux/seq_file.h> 45 #include <net/sock.h> 46 #include <asm/uaccess.h> 47 #include <asm/unaligned.h> 48 49 #include <net/bluetooth/bluetooth.h> 50 #include <net/bluetooth/hci_core.h> 51 #include <net/bluetooth/l2cap.h> 52 #include <net/bluetooth/rfcomm.h> 53 54 #define VERSION "1.5" 55 56 #ifndef CONFIG_BT_RFCOMM_DEBUG 57 #undef BT_DBG 58 #define BT_DBG(D...) 59 #endif 60 61 #ifdef CONFIG_PROC_FS 62 struct proc_dir_entry *proc_bt_rfcomm; 63 #endif 64 65 static struct task_struct *rfcomm_thread; 66 67 static DECLARE_MUTEX(rfcomm_sem); 68 #define rfcomm_lock() down(&rfcomm_sem); 69 #define rfcomm_unlock() up(&rfcomm_sem); 70 71 static unsigned long rfcomm_event; 72 73 static LIST_HEAD(session_list); 74 static atomic_t terminate, running; 75 76 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len); 77 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci); 78 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci); 79 static int rfcomm_queue_disc(struct rfcomm_dlc *d); 80 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type); 81 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d); 82 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig); 83 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len); 84 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits); 85 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr); 86 87 static void rfcomm_process_connect(struct rfcomm_session *s); 88 89 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err); 90 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst); 91 static void rfcomm_session_del(struct rfcomm_session *s); 92 93 /* ---- RFCOMM frame parsing macros ---- */ 94 #define __get_dlci(b) ((b & 0xfc) >> 2) 95 #define __get_channel(b) ((b & 0xf8) >> 3) 96 #define __get_dir(b) ((b & 0x04) >> 2) 97 #define __get_type(b) ((b & 0xef)) 98 99 #define __test_ea(b) ((b & 0x01)) 100 #define __test_cr(b) ((b & 0x02)) 101 #define __test_pf(b) ((b & 0x10)) 102 103 #define __addr(cr, dlci) (((dlci & 0x3f) << 2) | (cr << 1) | 0x01) 104 #define __ctrl(type, pf) (((type & 0xef) | (pf << 4))) 105 #define __dlci(dir, chn) (((chn & 0x1f) << 1) | dir) 106 #define __srv_channel(dlci) (dlci >> 1) 107 #define __dir(dlci) (dlci & 0x01) 108 109 #define __len8(len) (((len) << 1) | 1) 110 #define __len16(len) ((len) << 1) 111 112 /* MCC macros */ 113 #define __mcc_type(cr, type) (((type << 2) | (cr << 1) | 0x01)) 114 #define __get_mcc_type(b) ((b & 0xfc) >> 2) 115 #define __get_mcc_len(b) ((b & 0xfe) >> 1) 116 117 /* RPN macros */ 118 #define __rpn_line_settings(data, stop, parity) ((data & 0x3) | ((stop & 0x1) << 2) | ((parity & 0x3) << 3)) 119 #define __get_rpn_data_bits(line) ((line) & 0x3) 120 #define __get_rpn_stop_bits(line) (((line) >> 2) & 0x1) 121 #define __get_rpn_parity(line) (((line) >> 3) & 0x3) 122 123 static inline void rfcomm_schedule(uint event) 124 { 125 if (!rfcomm_thread) 126 return; 127 //set_bit(event, &rfcomm_event); 128 set_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event); 129 wake_up_process(rfcomm_thread); 130 } 131 132 static inline void rfcomm_session_put(struct rfcomm_session *s) 133 { 134 if (atomic_dec_and_test(&s->refcnt)) 135 rfcomm_session_del(s); 136 } 137 138 /* ---- RFCOMM FCS computation ---- */ 139 140 /* CRC on 2 bytes */ 141 #define __crc(data) (rfcomm_crc_table[rfcomm_crc_table[0xff ^ data[0]] ^ data[1]]) 142 143 /* FCS on 2 bytes */ 144 static inline u8 __fcs(u8 *data) 145 { 146 return (0xff - __crc(data)); 147 } 148 149 /* FCS on 3 bytes */ 150 static inline u8 __fcs2(u8 *data) 151 { 152 return (0xff - rfcomm_crc_table[__crc(data) ^ data[2]]); 153 } 154 155 /* Check FCS */ 156 static inline int __check_fcs(u8 *data, int type, u8 fcs) 157 { 158 u8 f = __crc(data); 159 160 if (type != RFCOMM_UIH) 161 f = rfcomm_crc_table[f ^ data[2]]; 162 163 return rfcomm_crc_table[f ^ fcs] != 0xcf; 164 } 165 166 /* ---- L2CAP callbacks ---- */ 167 static void rfcomm_l2state_change(struct sock *sk) 168 { 169 BT_DBG("%p state %d", sk, sk->sk_state); 170 rfcomm_schedule(RFCOMM_SCHED_STATE); 171 } 172 173 static void rfcomm_l2data_ready(struct sock *sk, int bytes) 174 { 175 BT_DBG("%p bytes %d", sk, bytes); 176 rfcomm_schedule(RFCOMM_SCHED_RX); 177 } 178 179 static int rfcomm_l2sock_create(struct socket **sock) 180 { 181 int err; 182 183 BT_DBG(""); 184 185 err = sock_create_kern(PF_BLUETOOTH, SOCK_SEQPACKET, BTPROTO_L2CAP, sock); 186 if (!err) { 187 struct sock *sk = (*sock)->sk; 188 sk->sk_data_ready = rfcomm_l2data_ready; 189 sk->sk_state_change = rfcomm_l2state_change; 190 } 191 return err; 192 } 193 194 /* ---- RFCOMM DLCs ---- */ 195 static void rfcomm_dlc_timeout(unsigned long arg) 196 { 197 struct rfcomm_dlc *d = (void *) arg; 198 199 BT_DBG("dlc %p state %ld", d, d->state); 200 201 set_bit(RFCOMM_TIMED_OUT, &d->flags); 202 rfcomm_dlc_put(d); 203 rfcomm_schedule(RFCOMM_SCHED_TIMEO); 204 } 205 206 static void rfcomm_dlc_set_timer(struct rfcomm_dlc *d, long timeout) 207 { 208 BT_DBG("dlc %p state %ld timeout %ld", d, d->state, timeout); 209 210 if (!mod_timer(&d->timer, jiffies + timeout)) 211 rfcomm_dlc_hold(d); 212 } 213 214 static void rfcomm_dlc_clear_timer(struct rfcomm_dlc *d) 215 { 216 BT_DBG("dlc %p state %ld", d, d->state); 217 218 if (timer_pending(&d->timer) && del_timer(&d->timer)) 219 rfcomm_dlc_put(d); 220 } 221 222 static void rfcomm_dlc_clear_state(struct rfcomm_dlc *d) 223 { 224 BT_DBG("%p", d); 225 226 d->state = BT_OPEN; 227 d->flags = 0; 228 d->mscex = 0; 229 d->mtu = RFCOMM_DEFAULT_MTU; 230 d->v24_sig = RFCOMM_V24_RTC | RFCOMM_V24_RTR | RFCOMM_V24_DV; 231 232 d->cfc = RFCOMM_CFC_DISABLED; 233 d->rx_credits = RFCOMM_DEFAULT_CREDITS; 234 } 235 236 struct rfcomm_dlc *rfcomm_dlc_alloc(int prio) 237 { 238 struct rfcomm_dlc *d = kmalloc(sizeof(*d), prio); 239 if (!d) 240 return NULL; 241 memset(d, 0, sizeof(*d)); 242 243 init_timer(&d->timer); 244 d->timer.function = rfcomm_dlc_timeout; 245 d->timer.data = (unsigned long) d; 246 247 skb_queue_head_init(&d->tx_queue); 248 spin_lock_init(&d->lock); 249 atomic_set(&d->refcnt, 1); 250 251 rfcomm_dlc_clear_state(d); 252 253 BT_DBG("%p", d); 254 return d; 255 } 256 257 void rfcomm_dlc_free(struct rfcomm_dlc *d) 258 { 259 BT_DBG("%p", d); 260 261 skb_queue_purge(&d->tx_queue); 262 kfree(d); 263 } 264 265 static void rfcomm_dlc_link(struct rfcomm_session *s, struct rfcomm_dlc *d) 266 { 267 BT_DBG("dlc %p session %p", d, s); 268 269 rfcomm_session_hold(s); 270 271 rfcomm_dlc_hold(d); 272 list_add(&d->list, &s->dlcs); 273 d->session = s; 274 } 275 276 static void rfcomm_dlc_unlink(struct rfcomm_dlc *d) 277 { 278 struct rfcomm_session *s = d->session; 279 280 BT_DBG("dlc %p refcnt %d session %p", d, atomic_read(&d->refcnt), s); 281 282 list_del(&d->list); 283 d->session = NULL; 284 rfcomm_dlc_put(d); 285 286 rfcomm_session_put(s); 287 } 288 289 static struct rfcomm_dlc *rfcomm_dlc_get(struct rfcomm_session *s, u8 dlci) 290 { 291 struct rfcomm_dlc *d; 292 struct list_head *p; 293 294 list_for_each(p, &s->dlcs) { 295 d = list_entry(p, struct rfcomm_dlc, list); 296 if (d->dlci == dlci) 297 return d; 298 } 299 return NULL; 300 } 301 302 static int __rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel) 303 { 304 struct rfcomm_session *s; 305 int err = 0; 306 u8 dlci; 307 308 BT_DBG("dlc %p state %ld %s %s channel %d", 309 d, d->state, batostr(src), batostr(dst), channel); 310 311 if (channel < 1 || channel > 30) 312 return -EINVAL; 313 314 if (d->state != BT_OPEN && d->state != BT_CLOSED) 315 return 0; 316 317 s = rfcomm_session_get(src, dst); 318 if (!s) { 319 s = rfcomm_session_create(src, dst, &err); 320 if (!s) 321 return err; 322 } 323 324 dlci = __dlci(!s->initiator, channel); 325 326 /* Check if DLCI already exists */ 327 if (rfcomm_dlc_get(s, dlci)) 328 return -EBUSY; 329 330 rfcomm_dlc_clear_state(d); 331 332 d->dlci = dlci; 333 d->addr = __addr(s->initiator, dlci); 334 d->priority = 7; 335 336 d->state = BT_CONFIG; 337 rfcomm_dlc_link(s, d); 338 339 d->mtu = s->mtu; 340 d->cfc = (s->cfc == RFCOMM_CFC_UNKNOWN) ? 0 : s->cfc; 341 342 if (s->state == BT_CONNECTED) 343 rfcomm_send_pn(s, 1, d); 344 rfcomm_dlc_set_timer(d, RFCOMM_CONN_TIMEOUT); 345 return 0; 346 } 347 348 int rfcomm_dlc_open(struct rfcomm_dlc *d, bdaddr_t *src, bdaddr_t *dst, u8 channel) 349 { 350 int r; 351 352 rfcomm_lock(); 353 354 r = __rfcomm_dlc_open(d, src, dst, channel); 355 356 rfcomm_unlock(); 357 return r; 358 } 359 360 static int __rfcomm_dlc_close(struct rfcomm_dlc *d, int err) 361 { 362 struct rfcomm_session *s = d->session; 363 if (!s) 364 return 0; 365 366 BT_DBG("dlc %p state %ld dlci %d err %d session %p", 367 d, d->state, d->dlci, err, s); 368 369 switch (d->state) { 370 case BT_CONNECTED: 371 case BT_CONFIG: 372 case BT_CONNECT: 373 d->state = BT_DISCONN; 374 if (skb_queue_empty(&d->tx_queue)) { 375 rfcomm_send_disc(s, d->dlci); 376 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT); 377 } else { 378 rfcomm_queue_disc(d); 379 rfcomm_dlc_set_timer(d, RFCOMM_DISC_TIMEOUT * 2); 380 } 381 break; 382 383 default: 384 rfcomm_dlc_clear_timer(d); 385 386 rfcomm_dlc_lock(d); 387 d->state = BT_CLOSED; 388 d->state_change(d, err); 389 rfcomm_dlc_unlock(d); 390 391 skb_queue_purge(&d->tx_queue); 392 rfcomm_session_put(s); 393 394 rfcomm_dlc_unlink(d); 395 } 396 397 return 0; 398 } 399 400 int rfcomm_dlc_close(struct rfcomm_dlc *d, int err) 401 { 402 int r; 403 404 rfcomm_lock(); 405 406 r = __rfcomm_dlc_close(d, err); 407 408 rfcomm_unlock(); 409 return r; 410 } 411 412 int rfcomm_dlc_send(struct rfcomm_dlc *d, struct sk_buff *skb) 413 { 414 int len = skb->len; 415 416 if (d->state != BT_CONNECTED) 417 return -ENOTCONN; 418 419 BT_DBG("dlc %p mtu %d len %d", d, d->mtu, len); 420 421 if (len > d->mtu) 422 return -EINVAL; 423 424 rfcomm_make_uih(skb, d->addr); 425 skb_queue_tail(&d->tx_queue, skb); 426 427 if (!test_bit(RFCOMM_TX_THROTTLED, &d->flags)) 428 rfcomm_schedule(RFCOMM_SCHED_TX); 429 return len; 430 } 431 432 void fastcall __rfcomm_dlc_throttle(struct rfcomm_dlc *d) 433 { 434 BT_DBG("dlc %p state %ld", d, d->state); 435 436 if (!d->cfc) { 437 d->v24_sig |= RFCOMM_V24_FC; 438 set_bit(RFCOMM_MSC_PENDING, &d->flags); 439 } 440 rfcomm_schedule(RFCOMM_SCHED_TX); 441 } 442 443 void fastcall __rfcomm_dlc_unthrottle(struct rfcomm_dlc *d) 444 { 445 BT_DBG("dlc %p state %ld", d, d->state); 446 447 if (!d->cfc) { 448 d->v24_sig &= ~RFCOMM_V24_FC; 449 set_bit(RFCOMM_MSC_PENDING, &d->flags); 450 } 451 rfcomm_schedule(RFCOMM_SCHED_TX); 452 } 453 454 /* 455 Set/get modem status functions use _local_ status i.e. what we report 456 to the other side. 457 Remote status is provided by dlc->modem_status() callback. 458 */ 459 int rfcomm_dlc_set_modem_status(struct rfcomm_dlc *d, u8 v24_sig) 460 { 461 BT_DBG("dlc %p state %ld v24_sig 0x%x", 462 d, d->state, v24_sig); 463 464 if (test_bit(RFCOMM_RX_THROTTLED, &d->flags)) 465 v24_sig |= RFCOMM_V24_FC; 466 else 467 v24_sig &= ~RFCOMM_V24_FC; 468 469 d->v24_sig = v24_sig; 470 471 if (!test_and_set_bit(RFCOMM_MSC_PENDING, &d->flags)) 472 rfcomm_schedule(RFCOMM_SCHED_TX); 473 474 return 0; 475 } 476 477 int rfcomm_dlc_get_modem_status(struct rfcomm_dlc *d, u8 *v24_sig) 478 { 479 BT_DBG("dlc %p state %ld v24_sig 0x%x", 480 d, d->state, d->v24_sig); 481 482 *v24_sig = d->v24_sig; 483 return 0; 484 } 485 486 /* ---- RFCOMM sessions ---- */ 487 static struct rfcomm_session *rfcomm_session_add(struct socket *sock, int state) 488 { 489 struct rfcomm_session *s = kmalloc(sizeof(*s), GFP_KERNEL); 490 if (!s) 491 return NULL; 492 memset(s, 0, sizeof(*s)); 493 494 BT_DBG("session %p sock %p", s, sock); 495 496 INIT_LIST_HEAD(&s->dlcs); 497 s->state = state; 498 s->sock = sock; 499 500 s->mtu = RFCOMM_DEFAULT_MTU; 501 s->cfc = RFCOMM_CFC_UNKNOWN; 502 503 /* Do not increment module usage count for listening sessions. 504 * Otherwise we won't be able to unload the module. */ 505 if (state != BT_LISTEN) 506 if (!try_module_get(THIS_MODULE)) { 507 kfree(s); 508 return NULL; 509 } 510 511 list_add(&s->list, &session_list); 512 513 return s; 514 } 515 516 static void rfcomm_session_del(struct rfcomm_session *s) 517 { 518 int state = s->state; 519 520 BT_DBG("session %p state %ld", s, s->state); 521 522 list_del(&s->list); 523 524 if (state == BT_CONNECTED) 525 rfcomm_send_disc(s, 0); 526 527 sock_release(s->sock); 528 kfree(s); 529 530 if (state != BT_LISTEN) 531 module_put(THIS_MODULE); 532 } 533 534 static struct rfcomm_session *rfcomm_session_get(bdaddr_t *src, bdaddr_t *dst) 535 { 536 struct rfcomm_session *s; 537 struct list_head *p, *n; 538 struct bt_sock *sk; 539 list_for_each_safe(p, n, &session_list) { 540 s = list_entry(p, struct rfcomm_session, list); 541 sk = bt_sk(s->sock->sk); 542 543 if ((!bacmp(src, BDADDR_ANY) || !bacmp(&sk->src, src)) && 544 !bacmp(&sk->dst, dst)) 545 return s; 546 } 547 return NULL; 548 } 549 550 static void rfcomm_session_close(struct rfcomm_session *s, int err) 551 { 552 struct rfcomm_dlc *d; 553 struct list_head *p, *n; 554 555 BT_DBG("session %p state %ld err %d", s, s->state, err); 556 557 rfcomm_session_hold(s); 558 559 s->state = BT_CLOSED; 560 561 /* Close all dlcs */ 562 list_for_each_safe(p, n, &s->dlcs) { 563 d = list_entry(p, struct rfcomm_dlc, list); 564 d->state = BT_CLOSED; 565 __rfcomm_dlc_close(d, err); 566 } 567 568 rfcomm_session_put(s); 569 } 570 571 static struct rfcomm_session *rfcomm_session_create(bdaddr_t *src, bdaddr_t *dst, int *err) 572 { 573 struct rfcomm_session *s = NULL; 574 struct sockaddr_l2 addr; 575 struct socket *sock; 576 struct sock *sk; 577 578 BT_DBG("%s %s", batostr(src), batostr(dst)); 579 580 *err = rfcomm_l2sock_create(&sock); 581 if (*err < 0) 582 return NULL; 583 584 bacpy(&addr.l2_bdaddr, src); 585 addr.l2_family = AF_BLUETOOTH; 586 addr.l2_psm = 0; 587 *err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr)); 588 if (*err < 0) 589 goto failed; 590 591 /* Set L2CAP options */ 592 sk = sock->sk; 593 lock_sock(sk); 594 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU; 595 release_sock(sk); 596 597 s = rfcomm_session_add(sock, BT_BOUND); 598 if (!s) { 599 *err = -ENOMEM; 600 goto failed; 601 } 602 603 rfcomm_session_hold(s); 604 605 s->initiator = 1; 606 607 bacpy(&addr.l2_bdaddr, dst); 608 addr.l2_family = AF_BLUETOOTH; 609 addr.l2_psm = htobs(RFCOMM_PSM); 610 *err = sock->ops->connect(sock, (struct sockaddr *) &addr, sizeof(addr), O_NONBLOCK); 611 if (*err == 0 || *err == -EAGAIN) 612 return s; 613 614 rfcomm_session_del(s); 615 return NULL; 616 617 failed: 618 sock_release(sock); 619 return NULL; 620 } 621 622 void rfcomm_session_getaddr(struct rfcomm_session *s, bdaddr_t *src, bdaddr_t *dst) 623 { 624 struct sock *sk = s->sock->sk; 625 if (src) 626 bacpy(src, &bt_sk(sk)->src); 627 if (dst) 628 bacpy(dst, &bt_sk(sk)->dst); 629 } 630 631 /* ---- RFCOMM frame sending ---- */ 632 static int rfcomm_send_frame(struct rfcomm_session *s, u8 *data, int len) 633 { 634 struct socket *sock = s->sock; 635 struct kvec iv = { data, len }; 636 struct msghdr msg; 637 638 BT_DBG("session %p len %d", s, len); 639 640 memset(&msg, 0, sizeof(msg)); 641 642 return kernel_sendmsg(sock, &msg, &iv, 1, len); 643 } 644 645 static int rfcomm_send_sabm(struct rfcomm_session *s, u8 dlci) 646 { 647 struct rfcomm_cmd cmd; 648 649 BT_DBG("%p dlci %d", s, dlci); 650 651 cmd.addr = __addr(s->initiator, dlci); 652 cmd.ctrl = __ctrl(RFCOMM_SABM, 1); 653 cmd.len = __len8(0); 654 cmd.fcs = __fcs2((u8 *) &cmd); 655 656 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); 657 } 658 659 static int rfcomm_send_ua(struct rfcomm_session *s, u8 dlci) 660 { 661 struct rfcomm_cmd cmd; 662 663 BT_DBG("%p dlci %d", s, dlci); 664 665 cmd.addr = __addr(!s->initiator, dlci); 666 cmd.ctrl = __ctrl(RFCOMM_UA, 1); 667 cmd.len = __len8(0); 668 cmd.fcs = __fcs2((u8 *) &cmd); 669 670 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); 671 } 672 673 static int rfcomm_send_disc(struct rfcomm_session *s, u8 dlci) 674 { 675 struct rfcomm_cmd cmd; 676 677 BT_DBG("%p dlci %d", s, dlci); 678 679 cmd.addr = __addr(s->initiator, dlci); 680 cmd.ctrl = __ctrl(RFCOMM_DISC, 1); 681 cmd.len = __len8(0); 682 cmd.fcs = __fcs2((u8 *) &cmd); 683 684 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); 685 } 686 687 static int rfcomm_queue_disc(struct rfcomm_dlc *d) 688 { 689 struct rfcomm_cmd *cmd; 690 struct sk_buff *skb; 691 692 BT_DBG("dlc %p dlci %d", d, d->dlci); 693 694 skb = alloc_skb(sizeof(*cmd), GFP_KERNEL); 695 if (!skb) 696 return -ENOMEM; 697 698 cmd = (void *) __skb_put(skb, sizeof(*cmd)); 699 cmd->addr = d->addr; 700 cmd->ctrl = __ctrl(RFCOMM_DISC, 1); 701 cmd->len = __len8(0); 702 cmd->fcs = __fcs2((u8 *) cmd); 703 704 skb_queue_tail(&d->tx_queue, skb); 705 rfcomm_schedule(RFCOMM_SCHED_TX); 706 return 0; 707 } 708 709 static int rfcomm_send_dm(struct rfcomm_session *s, u8 dlci) 710 { 711 struct rfcomm_cmd cmd; 712 713 BT_DBG("%p dlci %d", s, dlci); 714 715 cmd.addr = __addr(!s->initiator, dlci); 716 cmd.ctrl = __ctrl(RFCOMM_DM, 1); 717 cmd.len = __len8(0); 718 cmd.fcs = __fcs2((u8 *) &cmd); 719 720 return rfcomm_send_frame(s, (void *) &cmd, sizeof(cmd)); 721 } 722 723 static int rfcomm_send_nsc(struct rfcomm_session *s, int cr, u8 type) 724 { 725 struct rfcomm_hdr *hdr; 726 struct rfcomm_mcc *mcc; 727 u8 buf[16], *ptr = buf; 728 729 BT_DBG("%p cr %d type %d", s, cr, type); 730 731 hdr = (void *) ptr; ptr += sizeof(*hdr); 732 hdr->addr = __addr(s->initiator, 0); 733 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 734 hdr->len = __len8(sizeof(*mcc) + 1); 735 736 mcc = (void *) ptr; ptr += sizeof(*mcc); 737 mcc->type = __mcc_type(cr, RFCOMM_NSC); 738 mcc->len = __len8(1); 739 740 /* Type that we didn't like */ 741 *ptr = __mcc_type(cr, type); ptr++; 742 743 *ptr = __fcs(buf); ptr++; 744 745 return rfcomm_send_frame(s, buf, ptr - buf); 746 } 747 748 static int rfcomm_send_pn(struct rfcomm_session *s, int cr, struct rfcomm_dlc *d) 749 { 750 struct rfcomm_hdr *hdr; 751 struct rfcomm_mcc *mcc; 752 struct rfcomm_pn *pn; 753 u8 buf[16], *ptr = buf; 754 755 BT_DBG("%p cr %d dlci %d mtu %d", s, cr, d->dlci, d->mtu); 756 757 hdr = (void *) ptr; ptr += sizeof(*hdr); 758 hdr->addr = __addr(s->initiator, 0); 759 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 760 hdr->len = __len8(sizeof(*mcc) + sizeof(*pn)); 761 762 mcc = (void *) ptr; ptr += sizeof(*mcc); 763 mcc->type = __mcc_type(cr, RFCOMM_PN); 764 mcc->len = __len8(sizeof(*pn)); 765 766 pn = (void *) ptr; ptr += sizeof(*pn); 767 pn->dlci = d->dlci; 768 pn->priority = d->priority; 769 pn->ack_timer = 0; 770 pn->max_retrans = 0; 771 772 if (s->cfc) { 773 pn->flow_ctrl = cr ? 0xf0 : 0xe0; 774 pn->credits = RFCOMM_DEFAULT_CREDITS; 775 } else { 776 pn->flow_ctrl = 0; 777 pn->credits = 0; 778 } 779 780 pn->mtu = htobs(d->mtu); 781 782 *ptr = __fcs(buf); ptr++; 783 784 return rfcomm_send_frame(s, buf, ptr - buf); 785 } 786 787 static int rfcomm_send_rpn(struct rfcomm_session *s, int cr, u8 dlci, 788 u8 bit_rate, u8 data_bits, u8 stop_bits, 789 u8 parity, u8 flow_ctrl_settings, 790 u8 xon_char, u8 xoff_char, u16 param_mask) 791 { 792 struct rfcomm_hdr *hdr; 793 struct rfcomm_mcc *mcc; 794 struct rfcomm_rpn *rpn; 795 u8 buf[16], *ptr = buf; 796 797 BT_DBG("%p cr %d dlci %d bit_r 0x%x data_b 0x%x stop_b 0x%x parity 0x%x" 798 "flwc_s 0x%x xon_c 0x%x xoff_c 0x%x p_mask 0x%x", 799 s, cr, dlci, bit_rate, data_bits, stop_bits, parity, 800 flow_ctrl_settings, xon_char, xoff_char, param_mask); 801 802 hdr = (void *) ptr; ptr += sizeof(*hdr); 803 hdr->addr = __addr(s->initiator, 0); 804 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 805 hdr->len = __len8(sizeof(*mcc) + sizeof(*rpn)); 806 807 mcc = (void *) ptr; ptr += sizeof(*mcc); 808 mcc->type = __mcc_type(cr, RFCOMM_RPN); 809 mcc->len = __len8(sizeof(*rpn)); 810 811 rpn = (void *) ptr; ptr += sizeof(*rpn); 812 rpn->dlci = __addr(1, dlci); 813 rpn->bit_rate = bit_rate; 814 rpn->line_settings = __rpn_line_settings(data_bits, stop_bits, parity); 815 rpn->flow_ctrl = flow_ctrl_settings; 816 rpn->xon_char = xon_char; 817 rpn->xoff_char = xoff_char; 818 rpn->param_mask = param_mask; 819 820 *ptr = __fcs(buf); ptr++; 821 822 return rfcomm_send_frame(s, buf, ptr - buf); 823 } 824 825 static int rfcomm_send_rls(struct rfcomm_session *s, int cr, u8 dlci, u8 status) 826 { 827 struct rfcomm_hdr *hdr; 828 struct rfcomm_mcc *mcc; 829 struct rfcomm_rls *rls; 830 u8 buf[16], *ptr = buf; 831 832 BT_DBG("%p cr %d status 0x%x", s, cr, status); 833 834 hdr = (void *) ptr; ptr += sizeof(*hdr); 835 hdr->addr = __addr(s->initiator, 0); 836 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 837 hdr->len = __len8(sizeof(*mcc) + sizeof(*rls)); 838 839 mcc = (void *) ptr; ptr += sizeof(*mcc); 840 mcc->type = __mcc_type(cr, RFCOMM_RLS); 841 mcc->len = __len8(sizeof(*rls)); 842 843 rls = (void *) ptr; ptr += sizeof(*rls); 844 rls->dlci = __addr(1, dlci); 845 rls->status = status; 846 847 *ptr = __fcs(buf); ptr++; 848 849 return rfcomm_send_frame(s, buf, ptr - buf); 850 } 851 852 static int rfcomm_send_msc(struct rfcomm_session *s, int cr, u8 dlci, u8 v24_sig) 853 { 854 struct rfcomm_hdr *hdr; 855 struct rfcomm_mcc *mcc; 856 struct rfcomm_msc *msc; 857 u8 buf[16], *ptr = buf; 858 859 BT_DBG("%p cr %d v24 0x%x", s, cr, v24_sig); 860 861 hdr = (void *) ptr; ptr += sizeof(*hdr); 862 hdr->addr = __addr(s->initiator, 0); 863 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 864 hdr->len = __len8(sizeof(*mcc) + sizeof(*msc)); 865 866 mcc = (void *) ptr; ptr += sizeof(*mcc); 867 mcc->type = __mcc_type(cr, RFCOMM_MSC); 868 mcc->len = __len8(sizeof(*msc)); 869 870 msc = (void *) ptr; ptr += sizeof(*msc); 871 msc->dlci = __addr(1, dlci); 872 msc->v24_sig = v24_sig | 0x01; 873 874 *ptr = __fcs(buf); ptr++; 875 876 return rfcomm_send_frame(s, buf, ptr - buf); 877 } 878 879 static int rfcomm_send_fcoff(struct rfcomm_session *s, int cr) 880 { 881 struct rfcomm_hdr *hdr; 882 struct rfcomm_mcc *mcc; 883 u8 buf[16], *ptr = buf; 884 885 BT_DBG("%p cr %d", s, cr); 886 887 hdr = (void *) ptr; ptr += sizeof(*hdr); 888 hdr->addr = __addr(s->initiator, 0); 889 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 890 hdr->len = __len8(sizeof(*mcc)); 891 892 mcc = (void *) ptr; ptr += sizeof(*mcc); 893 mcc->type = __mcc_type(cr, RFCOMM_FCOFF); 894 mcc->len = __len8(0); 895 896 *ptr = __fcs(buf); ptr++; 897 898 return rfcomm_send_frame(s, buf, ptr - buf); 899 } 900 901 static int rfcomm_send_fcon(struct rfcomm_session *s, int cr) 902 { 903 struct rfcomm_hdr *hdr; 904 struct rfcomm_mcc *mcc; 905 u8 buf[16], *ptr = buf; 906 907 BT_DBG("%p cr %d", s, cr); 908 909 hdr = (void *) ptr; ptr += sizeof(*hdr); 910 hdr->addr = __addr(s->initiator, 0); 911 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 912 hdr->len = __len8(sizeof(*mcc)); 913 914 mcc = (void *) ptr; ptr += sizeof(*mcc); 915 mcc->type = __mcc_type(cr, RFCOMM_FCON); 916 mcc->len = __len8(0); 917 918 *ptr = __fcs(buf); ptr++; 919 920 return rfcomm_send_frame(s, buf, ptr - buf); 921 } 922 923 static int rfcomm_send_test(struct rfcomm_session *s, int cr, u8 *pattern, int len) 924 { 925 struct socket *sock = s->sock; 926 struct kvec iv[3]; 927 struct msghdr msg; 928 unsigned char hdr[5], crc[1]; 929 930 if (len > 125) 931 return -EINVAL; 932 933 BT_DBG("%p cr %d", s, cr); 934 935 hdr[0] = __addr(s->initiator, 0); 936 hdr[1] = __ctrl(RFCOMM_UIH, 0); 937 hdr[2] = 0x01 | ((len + 2) << 1); 938 hdr[3] = 0x01 | ((cr & 0x01) << 1) | (RFCOMM_TEST << 2); 939 hdr[4] = 0x01 | (len << 1); 940 941 crc[0] = __fcs(hdr); 942 943 iv[0].iov_base = hdr; 944 iv[0].iov_len = 5; 945 iv[1].iov_base = pattern; 946 iv[1].iov_len = len; 947 iv[2].iov_base = crc; 948 iv[2].iov_len = 1; 949 950 memset(&msg, 0, sizeof(msg)); 951 952 return kernel_sendmsg(sock, &msg, iv, 3, 6 + len); 953 } 954 955 static int rfcomm_send_credits(struct rfcomm_session *s, u8 addr, u8 credits) 956 { 957 struct rfcomm_hdr *hdr; 958 u8 buf[16], *ptr = buf; 959 960 BT_DBG("%p addr %d credits %d", s, addr, credits); 961 962 hdr = (void *) ptr; ptr += sizeof(*hdr); 963 hdr->addr = addr; 964 hdr->ctrl = __ctrl(RFCOMM_UIH, 1); 965 hdr->len = __len8(0); 966 967 *ptr = credits; ptr++; 968 969 *ptr = __fcs(buf); ptr++; 970 971 return rfcomm_send_frame(s, buf, ptr - buf); 972 } 973 974 static void rfcomm_make_uih(struct sk_buff *skb, u8 addr) 975 { 976 struct rfcomm_hdr *hdr; 977 int len = skb->len; 978 u8 *crc; 979 980 if (len > 127) { 981 hdr = (void *) skb_push(skb, 4); 982 put_unaligned(htobs(__len16(len)), (u16 *) &hdr->len); 983 } else { 984 hdr = (void *) skb_push(skb, 3); 985 hdr->len = __len8(len); 986 } 987 hdr->addr = addr; 988 hdr->ctrl = __ctrl(RFCOMM_UIH, 0); 989 990 crc = skb_put(skb, 1); 991 *crc = __fcs((void *) hdr); 992 } 993 994 /* ---- RFCOMM frame reception ---- */ 995 static int rfcomm_recv_ua(struct rfcomm_session *s, u8 dlci) 996 { 997 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 998 999 if (dlci) { 1000 /* Data channel */ 1001 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); 1002 if (!d) { 1003 rfcomm_send_dm(s, dlci); 1004 return 0; 1005 } 1006 1007 switch (d->state) { 1008 case BT_CONNECT: 1009 rfcomm_dlc_clear_timer(d); 1010 1011 rfcomm_dlc_lock(d); 1012 d->state = BT_CONNECTED; 1013 d->state_change(d, 0); 1014 rfcomm_dlc_unlock(d); 1015 1016 rfcomm_send_msc(s, 1, dlci, d->v24_sig); 1017 break; 1018 1019 case BT_DISCONN: 1020 d->state = BT_CLOSED; 1021 __rfcomm_dlc_close(d, 0); 1022 break; 1023 } 1024 } else { 1025 /* Control channel */ 1026 switch (s->state) { 1027 case BT_CONNECT: 1028 s->state = BT_CONNECTED; 1029 rfcomm_process_connect(s); 1030 break; 1031 } 1032 } 1033 return 0; 1034 } 1035 1036 static int rfcomm_recv_dm(struct rfcomm_session *s, u8 dlci) 1037 { 1038 int err = 0; 1039 1040 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1041 1042 if (dlci) { 1043 /* Data DLC */ 1044 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); 1045 if (d) { 1046 if (d->state == BT_CONNECT || d->state == BT_CONFIG) 1047 err = ECONNREFUSED; 1048 else 1049 err = ECONNRESET; 1050 1051 d->state = BT_CLOSED; 1052 __rfcomm_dlc_close(d, err); 1053 } 1054 } else { 1055 if (s->state == BT_CONNECT) 1056 err = ECONNREFUSED; 1057 else 1058 err = ECONNRESET; 1059 1060 s->state = BT_CLOSED; 1061 rfcomm_session_close(s, err); 1062 } 1063 return 0; 1064 } 1065 1066 static int rfcomm_recv_disc(struct rfcomm_session *s, u8 dlci) 1067 { 1068 int err = 0; 1069 1070 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1071 1072 if (dlci) { 1073 struct rfcomm_dlc *d = rfcomm_dlc_get(s, dlci); 1074 if (d) { 1075 rfcomm_send_ua(s, dlci); 1076 1077 if (d->state == BT_CONNECT || d->state == BT_CONFIG) 1078 err = ECONNREFUSED; 1079 else 1080 err = ECONNRESET; 1081 1082 d->state = BT_CLOSED; 1083 __rfcomm_dlc_close(d, err); 1084 } else 1085 rfcomm_send_dm(s, dlci); 1086 1087 } else { 1088 rfcomm_send_ua(s, 0); 1089 1090 if (s->state == BT_CONNECT) 1091 err = ECONNREFUSED; 1092 else 1093 err = ECONNRESET; 1094 1095 s->state = BT_CLOSED; 1096 rfcomm_session_close(s, err); 1097 } 1098 1099 return 0; 1100 } 1101 1102 static inline int rfcomm_check_link_mode(struct rfcomm_dlc *d) 1103 { 1104 struct sock *sk = d->session->sock->sk; 1105 1106 if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE)) { 1107 if (!hci_conn_encrypt(l2cap_pi(sk)->conn->hcon)) 1108 return 1; 1109 } else if (d->link_mode & RFCOMM_LM_AUTH) { 1110 if (!hci_conn_auth(l2cap_pi(sk)->conn->hcon)) 1111 return 1; 1112 } 1113 1114 return 0; 1115 } 1116 1117 static void rfcomm_dlc_accept(struct rfcomm_dlc *d) 1118 { 1119 BT_DBG("dlc %p", d); 1120 1121 rfcomm_send_ua(d->session, d->dlci); 1122 1123 rfcomm_dlc_lock(d); 1124 d->state = BT_CONNECTED; 1125 d->state_change(d, 0); 1126 rfcomm_dlc_unlock(d); 1127 1128 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig); 1129 } 1130 1131 static int rfcomm_recv_sabm(struct rfcomm_session *s, u8 dlci) 1132 { 1133 struct rfcomm_dlc *d; 1134 u8 channel; 1135 1136 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1137 1138 if (!dlci) { 1139 rfcomm_send_ua(s, 0); 1140 1141 if (s->state == BT_OPEN) { 1142 s->state = BT_CONNECTED; 1143 rfcomm_process_connect(s); 1144 } 1145 return 0; 1146 } 1147 1148 /* Check if DLC exists */ 1149 d = rfcomm_dlc_get(s, dlci); 1150 if (d) { 1151 if (d->state == BT_OPEN) { 1152 /* DLC was previously opened by PN request */ 1153 if (rfcomm_check_link_mode(d)) { 1154 set_bit(RFCOMM_AUTH_PENDING, &d->flags); 1155 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT); 1156 return 0; 1157 } 1158 1159 rfcomm_dlc_accept(d); 1160 } 1161 return 0; 1162 } 1163 1164 /* Notify socket layer about incoming connection */ 1165 channel = __srv_channel(dlci); 1166 if (rfcomm_connect_ind(s, channel, &d)) { 1167 d->dlci = dlci; 1168 d->addr = __addr(s->initiator, dlci); 1169 rfcomm_dlc_link(s, d); 1170 1171 if (rfcomm_check_link_mode(d)) { 1172 set_bit(RFCOMM_AUTH_PENDING, &d->flags); 1173 rfcomm_dlc_set_timer(d, RFCOMM_AUTH_TIMEOUT); 1174 return 0; 1175 } 1176 1177 rfcomm_dlc_accept(d); 1178 } else { 1179 rfcomm_send_dm(s, dlci); 1180 } 1181 1182 return 0; 1183 } 1184 1185 static int rfcomm_apply_pn(struct rfcomm_dlc *d, int cr, struct rfcomm_pn *pn) 1186 { 1187 struct rfcomm_session *s = d->session; 1188 1189 BT_DBG("dlc %p state %ld dlci %d mtu %d fc 0x%x credits %d", 1190 d, d->state, d->dlci, pn->mtu, pn->flow_ctrl, pn->credits); 1191 1192 if (pn->flow_ctrl == 0xf0 || pn->flow_ctrl == 0xe0) { 1193 d->cfc = s->cfc = RFCOMM_CFC_ENABLED; 1194 d->tx_credits = pn->credits; 1195 } else { 1196 d->cfc = s->cfc = RFCOMM_CFC_DISABLED; 1197 set_bit(RFCOMM_TX_THROTTLED, &d->flags); 1198 } 1199 1200 d->priority = pn->priority; 1201 1202 d->mtu = s->mtu = btohs(pn->mtu); 1203 1204 return 0; 1205 } 1206 1207 static int rfcomm_recv_pn(struct rfcomm_session *s, int cr, struct sk_buff *skb) 1208 { 1209 struct rfcomm_pn *pn = (void *) skb->data; 1210 struct rfcomm_dlc *d; 1211 u8 dlci = pn->dlci; 1212 1213 BT_DBG("session %p state %ld dlci %d", s, s->state, dlci); 1214 1215 if (!dlci) 1216 return 0; 1217 1218 d = rfcomm_dlc_get(s, dlci); 1219 if (d) { 1220 if (cr) { 1221 /* PN request */ 1222 rfcomm_apply_pn(d, cr, pn); 1223 rfcomm_send_pn(s, 0, d); 1224 } else { 1225 /* PN response */ 1226 switch (d->state) { 1227 case BT_CONFIG: 1228 rfcomm_apply_pn(d, cr, pn); 1229 1230 d->state = BT_CONNECT; 1231 rfcomm_send_sabm(s, d->dlci); 1232 break; 1233 } 1234 } 1235 } else { 1236 u8 channel = __srv_channel(dlci); 1237 1238 if (!cr) 1239 return 0; 1240 1241 /* PN request for non existing DLC. 1242 * Assume incoming connection. */ 1243 if (rfcomm_connect_ind(s, channel, &d)) { 1244 d->dlci = dlci; 1245 d->addr = __addr(s->initiator, dlci); 1246 rfcomm_dlc_link(s, d); 1247 1248 rfcomm_apply_pn(d, cr, pn); 1249 1250 d->state = BT_OPEN; 1251 rfcomm_send_pn(s, 0, d); 1252 } else { 1253 rfcomm_send_dm(s, dlci); 1254 } 1255 } 1256 return 0; 1257 } 1258 1259 static int rfcomm_recv_rpn(struct rfcomm_session *s, int cr, int len, struct sk_buff *skb) 1260 { 1261 struct rfcomm_rpn *rpn = (void *) skb->data; 1262 u8 dlci = __get_dlci(rpn->dlci); 1263 1264 u8 bit_rate = 0; 1265 u8 data_bits = 0; 1266 u8 stop_bits = 0; 1267 u8 parity = 0; 1268 u8 flow_ctrl = 0; 1269 u8 xon_char = 0; 1270 u8 xoff_char = 0; 1271 u16 rpn_mask = RFCOMM_RPN_PM_ALL; 1272 1273 BT_DBG("dlci %d cr %d len 0x%x bitr 0x%x line 0x%x flow 0x%x xonc 0x%x xoffc 0x%x pm 0x%x", 1274 dlci, cr, len, rpn->bit_rate, rpn->line_settings, rpn->flow_ctrl, 1275 rpn->xon_char, rpn->xoff_char, rpn->param_mask); 1276 1277 if (!cr) 1278 return 0; 1279 1280 if (len == 1) { 1281 /* request: return default setting */ 1282 bit_rate = RFCOMM_RPN_BR_115200; 1283 data_bits = RFCOMM_RPN_DATA_8; 1284 stop_bits = RFCOMM_RPN_STOP_1; 1285 parity = RFCOMM_RPN_PARITY_NONE; 1286 flow_ctrl = RFCOMM_RPN_FLOW_NONE; 1287 xon_char = RFCOMM_RPN_XON_CHAR; 1288 xoff_char = RFCOMM_RPN_XOFF_CHAR; 1289 1290 goto rpn_out; 1291 } 1292 /* check for sane values: ignore/accept bit_rate, 8 bits, 1 stop bit, no parity, 1293 no flow control lines, normal XON/XOFF chars */ 1294 if (rpn->param_mask & RFCOMM_RPN_PM_BITRATE) { 1295 bit_rate = rpn->bit_rate; 1296 if (bit_rate != RFCOMM_RPN_BR_115200) { 1297 BT_DBG("RPN bit rate mismatch 0x%x", bit_rate); 1298 bit_rate = RFCOMM_RPN_BR_115200; 1299 rpn_mask ^= RFCOMM_RPN_PM_BITRATE; 1300 } 1301 } 1302 if (rpn->param_mask & RFCOMM_RPN_PM_DATA) { 1303 data_bits = __get_rpn_data_bits(rpn->line_settings); 1304 if (data_bits != RFCOMM_RPN_DATA_8) { 1305 BT_DBG("RPN data bits mismatch 0x%x", data_bits); 1306 data_bits = RFCOMM_RPN_DATA_8; 1307 rpn_mask ^= RFCOMM_RPN_PM_DATA; 1308 } 1309 } 1310 if (rpn->param_mask & RFCOMM_RPN_PM_STOP) { 1311 stop_bits = __get_rpn_stop_bits(rpn->line_settings); 1312 if (stop_bits != RFCOMM_RPN_STOP_1) { 1313 BT_DBG("RPN stop bits mismatch 0x%x", stop_bits); 1314 stop_bits = RFCOMM_RPN_STOP_1; 1315 rpn_mask ^= RFCOMM_RPN_PM_STOP; 1316 } 1317 } 1318 if (rpn->param_mask & RFCOMM_RPN_PM_PARITY) { 1319 parity = __get_rpn_parity(rpn->line_settings); 1320 if (parity != RFCOMM_RPN_PARITY_NONE) { 1321 BT_DBG("RPN parity mismatch 0x%x", parity); 1322 parity = RFCOMM_RPN_PARITY_NONE; 1323 rpn_mask ^= RFCOMM_RPN_PM_PARITY; 1324 } 1325 } 1326 if (rpn->param_mask & RFCOMM_RPN_PM_FLOW) { 1327 flow_ctrl = rpn->flow_ctrl; 1328 if (flow_ctrl != RFCOMM_RPN_FLOW_NONE) { 1329 BT_DBG("RPN flow ctrl mismatch 0x%x", flow_ctrl); 1330 flow_ctrl = RFCOMM_RPN_FLOW_NONE; 1331 rpn_mask ^= RFCOMM_RPN_PM_FLOW; 1332 } 1333 } 1334 if (rpn->param_mask & RFCOMM_RPN_PM_XON) { 1335 xon_char = rpn->xon_char; 1336 if (xon_char != RFCOMM_RPN_XON_CHAR) { 1337 BT_DBG("RPN XON char mismatch 0x%x", xon_char); 1338 xon_char = RFCOMM_RPN_XON_CHAR; 1339 rpn_mask ^= RFCOMM_RPN_PM_XON; 1340 } 1341 } 1342 if (rpn->param_mask & RFCOMM_RPN_PM_XOFF) { 1343 xoff_char = rpn->xoff_char; 1344 if (xoff_char != RFCOMM_RPN_XOFF_CHAR) { 1345 BT_DBG("RPN XOFF char mismatch 0x%x", xoff_char); 1346 xoff_char = RFCOMM_RPN_XOFF_CHAR; 1347 rpn_mask ^= RFCOMM_RPN_PM_XOFF; 1348 } 1349 } 1350 1351 rpn_out: 1352 rfcomm_send_rpn(s, 0, dlci, 1353 bit_rate, data_bits, stop_bits, parity, flow_ctrl, 1354 xon_char, xoff_char, rpn_mask); 1355 1356 return 0; 1357 } 1358 1359 static int rfcomm_recv_rls(struct rfcomm_session *s, int cr, struct sk_buff *skb) 1360 { 1361 struct rfcomm_rls *rls = (void *) skb->data; 1362 u8 dlci = __get_dlci(rls->dlci); 1363 1364 BT_DBG("dlci %d cr %d status 0x%x", dlci, cr, rls->status); 1365 1366 if (!cr) 1367 return 0; 1368 1369 /* FIXME: We should probably do something with this 1370 information here. But for now it's sufficient just 1371 to reply -- Bluetooth 1.1 says it's mandatory to 1372 recognise and respond to RLS */ 1373 1374 rfcomm_send_rls(s, 0, dlci, rls->status); 1375 1376 return 0; 1377 } 1378 1379 static int rfcomm_recv_msc(struct rfcomm_session *s, int cr, struct sk_buff *skb) 1380 { 1381 struct rfcomm_msc *msc = (void *) skb->data; 1382 struct rfcomm_dlc *d; 1383 u8 dlci = __get_dlci(msc->dlci); 1384 1385 BT_DBG("dlci %d cr %d v24 0x%x", dlci, cr, msc->v24_sig); 1386 1387 d = rfcomm_dlc_get(s, dlci); 1388 if (!d) 1389 return 0; 1390 1391 if (cr) { 1392 if (msc->v24_sig & RFCOMM_V24_FC && !d->cfc) 1393 set_bit(RFCOMM_TX_THROTTLED, &d->flags); 1394 else 1395 clear_bit(RFCOMM_TX_THROTTLED, &d->flags); 1396 1397 rfcomm_dlc_lock(d); 1398 if (d->modem_status) 1399 d->modem_status(d, msc->v24_sig); 1400 rfcomm_dlc_unlock(d); 1401 1402 rfcomm_send_msc(s, 0, dlci, msc->v24_sig); 1403 1404 d->mscex |= RFCOMM_MSCEX_RX; 1405 } else 1406 d->mscex |= RFCOMM_MSCEX_TX; 1407 1408 return 0; 1409 } 1410 1411 static int rfcomm_recv_mcc(struct rfcomm_session *s, struct sk_buff *skb) 1412 { 1413 struct rfcomm_mcc *mcc = (void *) skb->data; 1414 u8 type, cr, len; 1415 1416 cr = __test_cr(mcc->type); 1417 type = __get_mcc_type(mcc->type); 1418 len = __get_mcc_len(mcc->len); 1419 1420 BT_DBG("%p type 0x%x cr %d", s, type, cr); 1421 1422 skb_pull(skb, 2); 1423 1424 switch (type) { 1425 case RFCOMM_PN: 1426 rfcomm_recv_pn(s, cr, skb); 1427 break; 1428 1429 case RFCOMM_RPN: 1430 rfcomm_recv_rpn(s, cr, len, skb); 1431 break; 1432 1433 case RFCOMM_RLS: 1434 rfcomm_recv_rls(s, cr, skb); 1435 break; 1436 1437 case RFCOMM_MSC: 1438 rfcomm_recv_msc(s, cr, skb); 1439 break; 1440 1441 case RFCOMM_FCOFF: 1442 if (cr) { 1443 set_bit(RFCOMM_TX_THROTTLED, &s->flags); 1444 rfcomm_send_fcoff(s, 0); 1445 } 1446 break; 1447 1448 case RFCOMM_FCON: 1449 if (cr) { 1450 clear_bit(RFCOMM_TX_THROTTLED, &s->flags); 1451 rfcomm_send_fcon(s, 0); 1452 } 1453 break; 1454 1455 case RFCOMM_TEST: 1456 if (cr) 1457 rfcomm_send_test(s, 0, skb->data, skb->len); 1458 break; 1459 1460 case RFCOMM_NSC: 1461 break; 1462 1463 default: 1464 BT_ERR("Unknown control type 0x%02x", type); 1465 rfcomm_send_nsc(s, cr, type); 1466 break; 1467 } 1468 return 0; 1469 } 1470 1471 static int rfcomm_recv_data(struct rfcomm_session *s, u8 dlci, int pf, struct sk_buff *skb) 1472 { 1473 struct rfcomm_dlc *d; 1474 1475 BT_DBG("session %p state %ld dlci %d pf %d", s, s->state, dlci, pf); 1476 1477 d = rfcomm_dlc_get(s, dlci); 1478 if (!d) { 1479 rfcomm_send_dm(s, dlci); 1480 goto drop; 1481 } 1482 1483 if (pf && d->cfc) { 1484 u8 credits = *(u8 *) skb->data; skb_pull(skb, 1); 1485 1486 d->tx_credits += credits; 1487 if (d->tx_credits) 1488 clear_bit(RFCOMM_TX_THROTTLED, &d->flags); 1489 } 1490 1491 if (skb->len && d->state == BT_CONNECTED) { 1492 rfcomm_dlc_lock(d); 1493 d->rx_credits--; 1494 d->data_ready(d, skb); 1495 rfcomm_dlc_unlock(d); 1496 return 0; 1497 } 1498 1499 drop: 1500 kfree_skb(skb); 1501 return 0; 1502 } 1503 1504 static int rfcomm_recv_frame(struct rfcomm_session *s, struct sk_buff *skb) 1505 { 1506 struct rfcomm_hdr *hdr = (void *) skb->data; 1507 u8 type, dlci, fcs; 1508 1509 dlci = __get_dlci(hdr->addr); 1510 type = __get_type(hdr->ctrl); 1511 1512 /* Trim FCS */ 1513 skb->len--; skb->tail--; 1514 fcs = *(u8 *) skb->tail; 1515 1516 if (__check_fcs(skb->data, type, fcs)) { 1517 BT_ERR("bad checksum in packet"); 1518 kfree_skb(skb); 1519 return -EILSEQ; 1520 } 1521 1522 if (__test_ea(hdr->len)) 1523 skb_pull(skb, 3); 1524 else 1525 skb_pull(skb, 4); 1526 1527 switch (type) { 1528 case RFCOMM_SABM: 1529 if (__test_pf(hdr->ctrl)) 1530 rfcomm_recv_sabm(s, dlci); 1531 break; 1532 1533 case RFCOMM_DISC: 1534 if (__test_pf(hdr->ctrl)) 1535 rfcomm_recv_disc(s, dlci); 1536 break; 1537 1538 case RFCOMM_UA: 1539 if (__test_pf(hdr->ctrl)) 1540 rfcomm_recv_ua(s, dlci); 1541 break; 1542 1543 case RFCOMM_DM: 1544 rfcomm_recv_dm(s, dlci); 1545 break; 1546 1547 case RFCOMM_UIH: 1548 if (dlci) 1549 return rfcomm_recv_data(s, dlci, __test_pf(hdr->ctrl), skb); 1550 1551 rfcomm_recv_mcc(s, skb); 1552 break; 1553 1554 default: 1555 BT_ERR("Unknown packet type 0x%02x\n", type); 1556 break; 1557 } 1558 kfree_skb(skb); 1559 return 0; 1560 } 1561 1562 /* ---- Connection and data processing ---- */ 1563 1564 static void rfcomm_process_connect(struct rfcomm_session *s) 1565 { 1566 struct rfcomm_dlc *d; 1567 struct list_head *p, *n; 1568 1569 BT_DBG("session %p state %ld", s, s->state); 1570 1571 list_for_each_safe(p, n, &s->dlcs) { 1572 d = list_entry(p, struct rfcomm_dlc, list); 1573 if (d->state == BT_CONFIG) { 1574 d->mtu = s->mtu; 1575 rfcomm_send_pn(s, 1, d); 1576 } 1577 } 1578 } 1579 1580 /* Send data queued for the DLC. 1581 * Return number of frames left in the queue. 1582 */ 1583 static inline int rfcomm_process_tx(struct rfcomm_dlc *d) 1584 { 1585 struct sk_buff *skb; 1586 int err; 1587 1588 BT_DBG("dlc %p state %ld cfc %d rx_credits %d tx_credits %d", 1589 d, d->state, d->cfc, d->rx_credits, d->tx_credits); 1590 1591 /* Send pending MSC */ 1592 if (test_and_clear_bit(RFCOMM_MSC_PENDING, &d->flags)) 1593 rfcomm_send_msc(d->session, 1, d->dlci, d->v24_sig); 1594 1595 if (d->cfc) { 1596 /* CFC enabled. 1597 * Give them some credits */ 1598 if (!test_bit(RFCOMM_RX_THROTTLED, &d->flags) && 1599 d->rx_credits <= (d->cfc >> 2)) { 1600 rfcomm_send_credits(d->session, d->addr, d->cfc - d->rx_credits); 1601 d->rx_credits = d->cfc; 1602 } 1603 } else { 1604 /* CFC disabled. 1605 * Give ourselves some credits */ 1606 d->tx_credits = 5; 1607 } 1608 1609 if (test_bit(RFCOMM_TX_THROTTLED, &d->flags)) 1610 return skb_queue_len(&d->tx_queue); 1611 1612 while (d->tx_credits && (skb = skb_dequeue(&d->tx_queue))) { 1613 err = rfcomm_send_frame(d->session, skb->data, skb->len); 1614 if (err < 0) { 1615 skb_queue_head(&d->tx_queue, skb); 1616 break; 1617 } 1618 kfree_skb(skb); 1619 d->tx_credits--; 1620 } 1621 1622 if (d->cfc && !d->tx_credits) { 1623 /* We're out of TX credits. 1624 * Set TX_THROTTLED flag to avoid unnesary wakeups by dlc_send. */ 1625 set_bit(RFCOMM_TX_THROTTLED, &d->flags); 1626 } 1627 1628 return skb_queue_len(&d->tx_queue); 1629 } 1630 1631 static inline void rfcomm_process_dlcs(struct rfcomm_session *s) 1632 { 1633 struct rfcomm_dlc *d; 1634 struct list_head *p, *n; 1635 1636 BT_DBG("session %p state %ld", s, s->state); 1637 1638 list_for_each_safe(p, n, &s->dlcs) { 1639 d = list_entry(p, struct rfcomm_dlc, list); 1640 1641 if (test_bit(RFCOMM_TIMED_OUT, &d->flags)) { 1642 __rfcomm_dlc_close(d, ETIMEDOUT); 1643 continue; 1644 } 1645 1646 if (test_and_clear_bit(RFCOMM_AUTH_ACCEPT, &d->flags)) { 1647 rfcomm_dlc_clear_timer(d); 1648 rfcomm_dlc_accept(d); 1649 if (d->link_mode & RFCOMM_LM_SECURE) { 1650 struct sock *sk = s->sock->sk; 1651 hci_conn_change_link_key(l2cap_pi(sk)->conn->hcon); 1652 } 1653 continue; 1654 } else if (test_and_clear_bit(RFCOMM_AUTH_REJECT, &d->flags)) { 1655 rfcomm_dlc_clear_timer(d); 1656 rfcomm_send_dm(s, d->dlci); 1657 __rfcomm_dlc_close(d, ECONNREFUSED); 1658 continue; 1659 } 1660 1661 if (test_bit(RFCOMM_TX_THROTTLED, &s->flags)) 1662 continue; 1663 1664 if ((d->state == BT_CONNECTED || d->state == BT_DISCONN) && 1665 d->mscex == RFCOMM_MSCEX_OK) 1666 rfcomm_process_tx(d); 1667 } 1668 } 1669 1670 static inline void rfcomm_process_rx(struct rfcomm_session *s) 1671 { 1672 struct socket *sock = s->sock; 1673 struct sock *sk = sock->sk; 1674 struct sk_buff *skb; 1675 1676 BT_DBG("session %p state %ld qlen %d", s, s->state, skb_queue_len(&sk->sk_receive_queue)); 1677 1678 /* Get data directly from socket receive queue without copying it. */ 1679 while ((skb = skb_dequeue(&sk->sk_receive_queue))) { 1680 skb_orphan(skb); 1681 rfcomm_recv_frame(s, skb); 1682 } 1683 1684 if (sk->sk_state == BT_CLOSED) { 1685 if (!s->initiator) 1686 rfcomm_session_put(s); 1687 1688 rfcomm_session_close(s, sk->sk_err); 1689 } 1690 } 1691 1692 static inline void rfcomm_accept_connection(struct rfcomm_session *s) 1693 { 1694 struct socket *sock = s->sock, *nsock; 1695 int err; 1696 1697 /* Fast check for a new connection. 1698 * Avoids unnesesary socket allocations. */ 1699 if (list_empty(&bt_sk(sock->sk)->accept_q)) 1700 return; 1701 1702 BT_DBG("session %p", s); 1703 1704 if (sock_create_lite(PF_BLUETOOTH, sock->type, BTPROTO_L2CAP, &nsock)) 1705 return; 1706 1707 nsock->ops = sock->ops; 1708 1709 __module_get(nsock->ops->owner); 1710 1711 err = sock->ops->accept(sock, nsock, O_NONBLOCK); 1712 if (err < 0) { 1713 sock_release(nsock); 1714 return; 1715 } 1716 1717 /* Set our callbacks */ 1718 nsock->sk->sk_data_ready = rfcomm_l2data_ready; 1719 nsock->sk->sk_state_change = rfcomm_l2state_change; 1720 1721 s = rfcomm_session_add(nsock, BT_OPEN); 1722 if (s) { 1723 rfcomm_session_hold(s); 1724 rfcomm_schedule(RFCOMM_SCHED_RX); 1725 } else 1726 sock_release(nsock); 1727 } 1728 1729 static inline void rfcomm_check_connection(struct rfcomm_session *s) 1730 { 1731 struct sock *sk = s->sock->sk; 1732 1733 BT_DBG("%p state %ld", s, s->state); 1734 1735 switch(sk->sk_state) { 1736 case BT_CONNECTED: 1737 s->state = BT_CONNECT; 1738 1739 /* We can adjust MTU on outgoing sessions. 1740 * L2CAP MTU minus UIH header and FCS. */ 1741 s->mtu = min(l2cap_pi(sk)->omtu, l2cap_pi(sk)->imtu) - 5; 1742 1743 rfcomm_send_sabm(s, 0); 1744 break; 1745 1746 case BT_CLOSED: 1747 s->state = BT_CLOSED; 1748 rfcomm_session_close(s, sk->sk_err); 1749 break; 1750 } 1751 } 1752 1753 static inline void rfcomm_process_sessions(void) 1754 { 1755 struct list_head *p, *n; 1756 1757 rfcomm_lock(); 1758 1759 list_for_each_safe(p, n, &session_list) { 1760 struct rfcomm_session *s; 1761 s = list_entry(p, struct rfcomm_session, list); 1762 1763 if (s->state == BT_LISTEN) { 1764 rfcomm_accept_connection(s); 1765 continue; 1766 } 1767 1768 rfcomm_session_hold(s); 1769 1770 switch (s->state) { 1771 case BT_BOUND: 1772 rfcomm_check_connection(s); 1773 break; 1774 1775 default: 1776 rfcomm_process_rx(s); 1777 break; 1778 } 1779 1780 rfcomm_process_dlcs(s); 1781 1782 rfcomm_session_put(s); 1783 } 1784 1785 rfcomm_unlock(); 1786 } 1787 1788 static void rfcomm_worker(void) 1789 { 1790 BT_DBG(""); 1791 1792 while (!atomic_read(&terminate)) { 1793 if (!test_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event)) { 1794 /* No pending events. Let's sleep. 1795 * Incoming connections and data will wake us up. */ 1796 set_current_state(TASK_INTERRUPTIBLE); 1797 schedule(); 1798 } 1799 1800 /* Process stuff */ 1801 clear_bit(RFCOMM_SCHED_WAKEUP, &rfcomm_event); 1802 rfcomm_process_sessions(); 1803 } 1804 set_current_state(TASK_RUNNING); 1805 return; 1806 } 1807 1808 static int rfcomm_add_listener(bdaddr_t *ba) 1809 { 1810 struct sockaddr_l2 addr; 1811 struct socket *sock; 1812 struct sock *sk; 1813 struct rfcomm_session *s; 1814 int err = 0; 1815 1816 /* Create socket */ 1817 err = rfcomm_l2sock_create(&sock); 1818 if (err < 0) { 1819 BT_ERR("Create socket failed %d", err); 1820 return err; 1821 } 1822 1823 /* Bind socket */ 1824 bacpy(&addr.l2_bdaddr, ba); 1825 addr.l2_family = AF_BLUETOOTH; 1826 addr.l2_psm = htobs(RFCOMM_PSM); 1827 err = sock->ops->bind(sock, (struct sockaddr *) &addr, sizeof(addr)); 1828 if (err < 0) { 1829 BT_ERR("Bind failed %d", err); 1830 goto failed; 1831 } 1832 1833 /* Set L2CAP options */ 1834 sk = sock->sk; 1835 lock_sock(sk); 1836 l2cap_pi(sk)->imtu = RFCOMM_MAX_L2CAP_MTU; 1837 release_sock(sk); 1838 1839 /* Start listening on the socket */ 1840 err = sock->ops->listen(sock, 10); 1841 if (err) { 1842 BT_ERR("Listen failed %d", err); 1843 goto failed; 1844 } 1845 1846 /* Add listening session */ 1847 s = rfcomm_session_add(sock, BT_LISTEN); 1848 if (!s) 1849 goto failed; 1850 1851 rfcomm_session_hold(s); 1852 return 0; 1853 failed: 1854 sock_release(sock); 1855 return err; 1856 } 1857 1858 static void rfcomm_kill_listener(void) 1859 { 1860 struct rfcomm_session *s; 1861 struct list_head *p, *n; 1862 1863 BT_DBG(""); 1864 1865 list_for_each_safe(p, n, &session_list) { 1866 s = list_entry(p, struct rfcomm_session, list); 1867 rfcomm_session_del(s); 1868 } 1869 } 1870 1871 static int rfcomm_run(void *unused) 1872 { 1873 rfcomm_thread = current; 1874 1875 atomic_inc(&running); 1876 1877 daemonize("krfcommd"); 1878 set_user_nice(current, -10); 1879 current->flags |= PF_NOFREEZE; 1880 1881 BT_DBG(""); 1882 1883 rfcomm_add_listener(BDADDR_ANY); 1884 1885 rfcomm_worker(); 1886 1887 rfcomm_kill_listener(); 1888 1889 atomic_dec(&running); 1890 return 0; 1891 } 1892 1893 static void rfcomm_auth_cfm(struct hci_conn *conn, u8 status) 1894 { 1895 struct rfcomm_session *s; 1896 struct rfcomm_dlc *d; 1897 struct list_head *p, *n; 1898 1899 BT_DBG("conn %p status 0x%02x", conn, status); 1900 1901 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst); 1902 if (!s) 1903 return; 1904 1905 rfcomm_session_hold(s); 1906 1907 list_for_each_safe(p, n, &s->dlcs) { 1908 d = list_entry(p, struct rfcomm_dlc, list); 1909 1910 if (d->link_mode & (RFCOMM_LM_ENCRYPT | RFCOMM_LM_SECURE)) 1911 continue; 1912 1913 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags)) 1914 continue; 1915 1916 if (!status) 1917 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags); 1918 else 1919 set_bit(RFCOMM_AUTH_REJECT, &d->flags); 1920 } 1921 1922 rfcomm_session_put(s); 1923 1924 rfcomm_schedule(RFCOMM_SCHED_AUTH); 1925 } 1926 1927 static void rfcomm_encrypt_cfm(struct hci_conn *conn, u8 status, u8 encrypt) 1928 { 1929 struct rfcomm_session *s; 1930 struct rfcomm_dlc *d; 1931 struct list_head *p, *n; 1932 1933 BT_DBG("conn %p status 0x%02x encrypt 0x%02x", conn, status, encrypt); 1934 1935 s = rfcomm_session_get(&conn->hdev->bdaddr, &conn->dst); 1936 if (!s) 1937 return; 1938 1939 rfcomm_session_hold(s); 1940 1941 list_for_each_safe(p, n, &s->dlcs) { 1942 d = list_entry(p, struct rfcomm_dlc, list); 1943 1944 if (!test_and_clear_bit(RFCOMM_AUTH_PENDING, &d->flags)) 1945 continue; 1946 1947 if (!status && encrypt) 1948 set_bit(RFCOMM_AUTH_ACCEPT, &d->flags); 1949 else 1950 set_bit(RFCOMM_AUTH_REJECT, &d->flags); 1951 } 1952 1953 rfcomm_session_put(s); 1954 1955 rfcomm_schedule(RFCOMM_SCHED_AUTH); 1956 } 1957 1958 static struct hci_cb rfcomm_cb = { 1959 .name = "RFCOMM", 1960 .auth_cfm = rfcomm_auth_cfm, 1961 .encrypt_cfm = rfcomm_encrypt_cfm 1962 }; 1963 1964 /* ---- Proc fs support ---- */ 1965 #ifdef CONFIG_PROC_FS 1966 static void *rfcomm_seq_start(struct seq_file *seq, loff_t *pos) 1967 { 1968 struct rfcomm_session *s; 1969 struct list_head *pp, *p; 1970 loff_t l = *pos; 1971 1972 rfcomm_lock(); 1973 1974 list_for_each(p, &session_list) { 1975 s = list_entry(p, struct rfcomm_session, list); 1976 list_for_each(pp, &s->dlcs) 1977 if (!l--) { 1978 seq->private = s; 1979 return pp; 1980 } 1981 } 1982 return NULL; 1983 } 1984 1985 static void *rfcomm_seq_next(struct seq_file *seq, void *e, loff_t *pos) 1986 { 1987 struct rfcomm_session *s = seq->private; 1988 struct list_head *pp, *p = e; 1989 (*pos)++; 1990 1991 if (p->next != &s->dlcs) 1992 return p->next; 1993 1994 list_for_each(p, &session_list) { 1995 s = list_entry(p, struct rfcomm_session, list); 1996 __list_for_each(pp, &s->dlcs) { 1997 seq->private = s; 1998 return pp; 1999 } 2000 } 2001 return NULL; 2002 } 2003 2004 static void rfcomm_seq_stop(struct seq_file *seq, void *e) 2005 { 2006 rfcomm_unlock(); 2007 } 2008 2009 static int rfcomm_seq_show(struct seq_file *seq, void *e) 2010 { 2011 struct rfcomm_session *s = seq->private; 2012 struct sock *sk = s->sock->sk; 2013 struct rfcomm_dlc *d = list_entry(e, struct rfcomm_dlc, list); 2014 2015 seq_printf(seq, "%s %s %ld %d %d %d %d\n", 2016 batostr(&bt_sk(sk)->src), batostr(&bt_sk(sk)->dst), 2017 d->state, d->dlci, d->mtu, d->rx_credits, d->tx_credits); 2018 return 0; 2019 } 2020 2021 static struct seq_operations rfcomm_seq_ops = { 2022 .start = rfcomm_seq_start, 2023 .next = rfcomm_seq_next, 2024 .stop = rfcomm_seq_stop, 2025 .show = rfcomm_seq_show 2026 }; 2027 2028 static int rfcomm_seq_open(struct inode *inode, struct file *file) 2029 { 2030 return seq_open(file, &rfcomm_seq_ops); 2031 } 2032 2033 static struct file_operations rfcomm_seq_fops = { 2034 .owner = THIS_MODULE, 2035 .open = rfcomm_seq_open, 2036 .read = seq_read, 2037 .llseek = seq_lseek, 2038 .release = seq_release, 2039 }; 2040 2041 static int __init rfcomm_proc_init(void) 2042 { 2043 struct proc_dir_entry *p; 2044 2045 proc_bt_rfcomm = proc_mkdir("rfcomm", proc_bt); 2046 if (proc_bt_rfcomm) { 2047 proc_bt_rfcomm->owner = THIS_MODULE; 2048 2049 p = create_proc_entry("dlc", S_IRUGO, proc_bt_rfcomm); 2050 if (p) 2051 p->proc_fops = &rfcomm_seq_fops; 2052 } 2053 return 0; 2054 } 2055 2056 static void __exit rfcomm_proc_cleanup(void) 2057 { 2058 remove_proc_entry("dlc", proc_bt_rfcomm); 2059 2060 remove_proc_entry("rfcomm", proc_bt); 2061 } 2062 2063 #else /* CONFIG_PROC_FS */ 2064 2065 static int __init rfcomm_proc_init(void) 2066 { 2067 return 0; 2068 } 2069 2070 static void __exit rfcomm_proc_cleanup(void) 2071 { 2072 return; 2073 } 2074 #endif /* CONFIG_PROC_FS */ 2075 2076 /* ---- Initialization ---- */ 2077 static int __init rfcomm_init(void) 2078 { 2079 l2cap_load(); 2080 2081 hci_register_cb(&rfcomm_cb); 2082 2083 kernel_thread(rfcomm_run, NULL, CLONE_KERNEL); 2084 2085 BT_INFO("RFCOMM ver %s", VERSION); 2086 2087 rfcomm_proc_init(); 2088 2089 rfcomm_init_sockets(); 2090 2091 #ifdef CONFIG_BT_RFCOMM_TTY 2092 rfcomm_init_ttys(); 2093 #endif 2094 2095 return 0; 2096 } 2097 2098 static void __exit rfcomm_exit(void) 2099 { 2100 hci_unregister_cb(&rfcomm_cb); 2101 2102 /* Terminate working thread. 2103 * ie. Set terminate flag and wake it up */ 2104 atomic_inc(&terminate); 2105 rfcomm_schedule(RFCOMM_SCHED_STATE); 2106 2107 /* Wait until thread is running */ 2108 while (atomic_read(&running)) 2109 schedule(); 2110 2111 #ifdef CONFIG_BT_RFCOMM_TTY 2112 rfcomm_cleanup_ttys(); 2113 #endif 2114 2115 rfcomm_cleanup_sockets(); 2116 2117 rfcomm_proc_cleanup(); 2118 } 2119 2120 module_init(rfcomm_init); 2121 module_exit(rfcomm_exit); 2122 2123 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>"); 2124 MODULE_DESCRIPTION("Bluetooth RFCOMM ver " VERSION); 2125 MODULE_VERSION(VERSION); 2126 MODULE_LICENSE("GPL"); 2127 MODULE_ALIAS("bt-proto-3"); 2128